From 2b06edccd355b7b692905968a305712f7d350c25 Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Mon, 13 Jun 2016 17:48:59 -0600
Subject: [PATCH] Use challenge domain for tls-sni solver

Matches the new upstream function signature and fixes previously broken
behavior; new solver code confirmed to work during restarts
---
 caddytls/tls.go | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/caddytls/tls.go b/caddytls/tls.go
index a146004f5..c871492ac 100644
--- a/caddytls/tls.go
+++ b/caddytls/tls.go
@@ -113,20 +113,24 @@ type tlsSniSolver struct{}
 
 // Present adds the challenge certificate to the cache.
 func (s tlsSniSolver) Present(domain, token, keyAuth string) error {
-	cert, err := acme.TLSSNI01ChallengeCert(keyAuth)
+	cert, acmeDomain, err := acme.TLSSNI01ChallengeCert(keyAuth)
 	if err != nil {
 		return err
 	}
 	cacheCertificate(Certificate{
 		Certificate: cert,
-		Names:       []string{domain},
+		Names:       []string{acmeDomain},
 	})
 	return nil
 }
 
 // CleanUp removes the challenge certificate from the cache.
 func (s tlsSniSolver) CleanUp(domain, token, keyAuth string) error {
-	uncacheCertificate(domain)
+	_, acmeDomain, err := acme.TLSSNI01ChallengeCert(keyAuth)
+	if err != nil {
+		return err
+	}
+	uncacheCertificate(acmeDomain)
 	return nil
 }